<?php
//*********************************** 
//Universal Media Publishing Platform
//Editing news,tracks,artists,albums,categories
//*********************************** 

$datype = "edit";

//Подключение необходимых файлов
require_once "config.php";
require_once "engine/login.php";
require_once "engine/func.php";

if (isset($_GET["id"])) $i=$_GET["id"];
switch ($_GET["type"]){
	case "post":
		$edittype = "post";
	break;
	case "track":
		$edittype = "track";
	break;
	case "album":
		$edittype = "album";
	break;
	case "category":
		$edittype = "category";
	break;
	case "static":
		$edittype = "static";
	break;
    default:
		$edittype = "post";
}

//Считывание категорий из БД
$query = "SELECT * FROM category ORDER BY caid ";
$result1 = mysql_query($query);
while($row1 = mysql_fetch_array($result1)){
   $f[] =$row1;
}
for ($x = 0; $x < count($f); $x++) {
    $category[$f[$x]["caid"]] = $f[$x];
}

//Считывание альбомов из БД    
$query = "SELECT * FROM albums ORDER BY alid ";
$res = mysql_query($query);
while($row = mysql_fetch_array($res)){
   $albums[] =$row;
}
 
//Считывание исполнителей из БД    
$query = "SELECT * FROM artist ORDER BY arid ";
$res = mysql_query($query);
while($row = mysql_fetch_array($res)){
   $artist[] =$row;
}
 
require 'engine/meta.php';//Подключаем обработчик мета тегов

if ((check($login, $pass))&&($usrgroup==4)){
	require 'template/'.$tpl.'/mainu.tpl';
	if ($edittype=="post") {
			$query = "SELECT * FROM news WHERE poid='$i' ";
			$qrex = mysql_query($query);
			while($row = mysql_fetch_array($qrex)){
				$news[] =$row;
			}
			if ((mysql_num_rows($qrex) == 1)&&($news[0]["type"]=="post")) require 'template/'.$tpl.'/editnews.tpl';
			else echo "<html><head><meta  http-equiv='refresh' content='0; url=".$addr."' ></head></html>";
	}
	if ($edittype=="track"){
			$query = "SELECT * FROM news WHERE poid='$i' ";
			$qrex = mysql_query($query);
			while($row = mysql_fetch_array($qrex)){
				$news[] =$row;
			}
			if ((mysql_num_rows($qrex) == 1)&&($news[0]["type"]=="track")) require 'template/'.$tpl.'/edittrack.tpl';
			else echo "<html><head><meta  http-equiv='refresh' content='0; url=".$addr."' ></head></html>";
	}
	if ($edittype=="category"){
			$query = "SELECT * FROM category WHERE caid='$i' ";
			$qrex = mysql_query($query);
			while($row = mysql_fetch_array($qrex)){
				$cat[] =$row;
			}
			if (mysql_num_rows($qrex) == 1) require 'template/'.$tpl.'/editcat.tpl';
			else echo "<html><head><meta  http-equiv='refresh' content='0; url=".$addr."' ></head></html>";
	}
	if ($edittype=="static"){
			$query = "SELECT * FROM static WHERE id='$i' ";
			$qrex = mysql_query($query);
			while($row = mysql_fetch_array($qrex)){
				$static[] =$row;
			}
			if (mysql_num_rows($qrex) == 1) require 'template/'.$tpl.'/editstatic.tpl';
			else echo "<html><head><meta  http-equiv='refresh' content='0; url=".$addr."' ></head></html>";
	}
	
	
	if (isset($_POST['send'])){
		if ($edittype=="post"){
			$i=$_GET["poid"];
			if ($_POST['update']==1) $date = date("Y-m-d"); else $date = $_POST['date'];
			if ($_POST['cnt']==1) $views = "0"; else $views = $_POST['views'];
			$title = $_POST['title'];
			$title = str_replace("'", "&#039;", $title);
			if (!$_POST['url']==""){
				$url=$_POST['url'];
			}
			else{
				$url=TitleToURL($_POST['title']);
			}
			$description = $_POST['description'];
			$keywords = $_POST['keywords'];
			$short = $_POST['short'];
			$full = $_POST['full'];
			$cat = $_POST['cat'];
			if ($_POST['onmain']==1) $onmain = "1"; else $onmain = "0";
			$query = "UPDATE news SET date='$date', title='$title', url='$url', description='$description', keywords='$keywords', cat='$cat', onmain='$onmain', short='$short', full='$full', views='$views' WHERE poid='$i'"; 
			$res = mysql_query($query);
			echo "<html><head><meta  http-equiv='refresh' content='0; url=".$addr."/edit.php?type=post&id=".$i."' ></head></html>";
		}
		if ($edittype=="track"){
			$i=$_GET["poid"];
			if ($_POST['update']==1) $date = date("Y-m-d"); else $date = $_POST['date'];
			if ($_POST['cnt']==1) $views = "0"; else $views = $_POST['views'];
			$title = $_POST['title'];
			$title = str_replace("'", "&#039;", $title);
			if (!$_POST['url']==""){
				$url=$_POST['url'];
			}
			else{
				$url=TitleToURL($_POST['title']);
			}
			$trno = $_POST['trno'];
			if ($_POST['onmain']==1) $onmain = "1"; else $onmain = "0";
			$cat = $_POST['cat'];
			$description = $_POST['description'];
			$keywords = $_POST['keywords'];
			$artist = $_POST['artist'];
			$year = $_POST['year'];
			$genre = $_POST['genre'];
			$alid = substr($_POST['alid'], 0, strpos($_POST['alid'],"/"));//Poluchaem aid
			$album = substr($_POST['alid'], strlen($alid)+1, strlen($_POST['alid'])-strlen($alid)-1);//Poluchaem album
			$album = str_replace("'", "&#039;", $album);//Ubiraem '
			$length = $_POST['length'];
			$file = $_POST['file'];
			$image = $_POST['image'];
			$query = "UPDATE news SET date='$date', title='$title', url='$url', description='$description', keywords='$keywords', cat='$cat', onmain='$onmain', artist='$artist', year='$year', genre='$genre', album='$album', alid='$alid', length='$length', file='$file', image='$image', trno='$trno', views='$views' WHERE poid='$i'"; 
			$res = mysql_query($query);
			echo "<html><head><meta  http-equiv='refresh' content='0; url=".$addr."/edit.php?type=track&id=".$i."' ></head></html>";
		}
		
		if ($edittype=="category"){
			$i=$_GET["caid"];
			$title = $_POST['title'];
			$title = str_replace("'", "&#039;", $title);
			if (!$_POST['url']==""){
				$url=$_POST['url'];
			}
			else{
				$url=TitleToURL($_POST['title']);
			}
			$information = $_POST['information'];
			$description = $_POST['description'];
			$keywords = $_POST['keywords'];
			$query = "UPDATE category SET title='$title', url='$url', information='$information', description='$description', keywords='$keywords' WHERE caid='$i'"; 
			$res = mysql_query($query);
			echo "<html><head><meta  http-equiv='refresh' content='0; url=".$addr."/edit.php?type=category&id=".$i."' ></head></html>";
		}
		
		if ($edittype=="static"){
			$i=$_GET["stid"];
			$title = $_POST['title'];
			$title = str_replace("'", "&#039;", $title);
			if (!$_POST['url']==""){
				$url=$_POST['url'];
			}
			else{
				$url=TitleToURL($_POST['title']);
			}
			$content = $_POST['content'];
			if ($_POST['cnt']==1) $views = "0"; else $views = $_POST['views'];
			$description = $_POST['description'];
			$keywords = $_POST['keywords'];
			$query = "UPDATE static SET title='$title', url='$url', content='$content', description='$description', keywords='$keywords', views='$views' WHERE id='$i'"; 
			$res = mysql_query($query);
			echo "<html><head><meta  http-equiv='refresh' content='0; url=".$addr."/edit.php?type=static&id=".$i."' ></head></html>";
		}
	}
}
else{
$message = "У вас нет прав редактировать новости";
require 'template/'.$tpl.'/mainu.tpl';
} 
require 'template/'.$tpl.'/maind.tpl';
?>
            
